REMARKS

This response is to the Office Action mailed on 04/28/2011.
From the action: 

This action is a non-final action in response to communication filed on 02 
February 2011. Claims 40-42, 46-53, 70-72 and 75-82 are pending in the application. 
Claims 40-42, 46-53, 70-72 and 75-82 are rejected. 

Applicant's response: 

Acknowledged 

From the action: 

Response to Amendment 

This action is in response to the amendment filed on 02/02/2011. Claims 40-42, 
46-53, 70-72, and 75-82 are pending in this action. Claims 40 and 70 are being further 
amended. 

Applicant's response: 

Acknowledged 

From the action: 

Response to Arguments 

Applicant's arguments, see remarks, filed 02/02/2011, with respect to the rejection(s)
of claim(s) 40-42, 46-53, 70-72 and 75-82 under 102 (b) have been fully considered and 
are persuasive. Therefore, the rejection has been withdrawn. However, upon further 
consideration, a new ground(s) of rejection is made Parekh et al, US Pub. No. 
2004/0215630 in view of Smith et al. (hereinafter Smith) (US Patent No. 6,594,673) and
further in view of Hasan et al. (hereinafter Hasan) (US Pub. No. 2003/0110262).

Applicant's response:

The applicant notes that the only amendment made to the broadest claim in the 
last response was to add that the gateway is at the computer appliance, which was 
implicit in the limitations before the amendment. The applicant is therefore surprised and 
dismayed that a new search was done citing eleven new references. In reviewing the case 
history it appears that a new search has been done at each action, with new references 
added in the second, third, fourth, eighth and tenth actions. The applicant has no further 
intention of amending the claims, and therefore hopes that the latest of the many searches 
has been done thoroughly and properly, so the applicant may finally be aware of the art 
that may be applied against applicant's claims. 

Further the applicant is dismayed that a new rejection has been asserted 
combining three of the new references cited for the first time in this tenth paper. Since 
the broadest claim changed hardly at all in the last round, surely this art could have been 
cited in the last round or before. Analyzing each new rejection, studying each new 
reference, and preparing detailed responses to the examiner's assertions and allegations is 
an expensive and time-consuming process. So the applicant is wondering, that if he is 
found persuasive in this new response to the entirely newly cited art and rejections, after 
having been found persuasive in the last response, is there a reasonable expectation of an 
allowance, rather than a new search and a new rejection ". . .on further consideration. . ."? 

From the action: 

Claim Rejections - 35 USC § 103

Claims 40-42, 47, 49-53, 70-72, and 75,76,78,79, 81-82 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Parekh et al. (hereinafter Parekh) (US Pub. No. 
2004/0215630) in view of Smith et al. (hereinafter Smith) (US Patent No. 6,594,673) and 
further in view of Hasan et al. (hereinafter Hasan) (US Pub. No. 2003/0110262).

As to claims 40 and 70, Parekh discloses a communication management system 
and method, comprising: a computer appliance associated with a particular user (see at 
least abstract, paragraph (0017) Fig. 2; a policy enforcement device (202)); a data
repository coupled to the computer appliance storing a directory of contact identities (see 
at least paragraph (0038), Fig. 2, database (204) which contains (customers, resources, 
policies)); a zone manager (i.e. 212) (resource manager) (Fig. 2) enabling the user to 
create one or more zones defined each by a business or a social activity (see at least 
paragraph (009, 0032, 0034), Fig. 1, RSP (102) with sub customers TSP 1, TSP 2, EC1 
and TSP 1 with further branches etc.), and to create management policies associated with 
and specific to each zone created (see at least paragraphs (0036, 0037), RSP and TSP 
then control their immediate customers by implementing policies and allocating resources 
to their immediate customers, further the attributes of the resources can be number of 
rules, the number of IP addresses and the bandwidth etc.); and an identity/zone firewall 
acting as an enforcer of management policies and serving as a gateway at the computer 
appliance through which incoming and outgoing communications pass (see at least 
paragraph (0045, 0058, 0059), Figures 4a and 4b, tables 1 and 2 and related details). 

Although, Parekh discloses the substantial features of applicant's claimed 
invention, Parekh fails to expressly disclose: wherein creating one or more zones are 
defined by a business or a social activity; and associate specific contact identities with 
individual ones of the zones created. Nevertheless, these features were well known in the 
art at the time of present invention. 

In analogous teaching, Smith exemplifies this wherein Smith teaches: creating 
one or more zones are defined by a business or a social activity; and associate specific 
contact identities with individual ones of the zones created (see Smith at least abstract, 
Fig. 4, 5 and details; wherein an interactive collaborative information system creating and 
link information such as emails, bulletin boards, chats, politics, and other activities etc.). 

Thus given the teaching of Smith, it would have been obvious to one of the 
ordinary skill person in the art of networking to combine the teaching of Parekh into 
Smith for creating social or business zones. Motivation for doing so would have been to 
allow users to more easily find other users with the same interested. 

Although, Parekh-Smith discloses the substantial features of applicant's claimed
invention, Parekh further fails to expressly disclose: wherein firewall acting as an 
enforcer of management policies and serving as a gateway is, at the computer appliance 
through which incoming and outgoing communications; and wherein individual incoming 
or outgoing communications are associated at the identity/zone firewall with a zone, by 
one or both of identities of sender and receiver and message content, and the management 
policies specific to that zone are enforced before the communications are allowed to pass. 

In analogous teaching, Hasan exemplifies this wherein Hasan teaches: wherein 
firewall acting as an enforcer of management policies and serving as a gateway is, at the 
computer appliance through which incoming and outgoing communications; and wherein 
individual incoming or outgoing communications are associated at the identity/zone 
firewall with a zone, by one or both of identities of sender and receiver and message 
content, and the management policies specific to that zone are enforced before the 
communications are allowed to pass (see Hasan: at least paragraphs (0086, 0103, 0129, 
0132, 0136), Figures 1 and 9B).

Thus given the teaching of Hasan, it would have been obvious to one of the 
ordinary skill person in the art of networking to combine the teaching of Parekh-Smith 
into Hasan for firewall acting as a management policy enforcer. Motivation for doing so 
would have been to make user created zones more secure by having individual security 
parameters. 

As to claim 41, Parekh-Smith disclose wherein Smith further discloses the system 
of claim 40 wherein contact identities may be names or aliases of person or devices (see 
Smith at least abstract, Fig. 4, 5 and details). 

As to claim 42, Parekh discloses the system of claim 40 further comprising an 
interface to a network, wherein the communication involves sending or receiving 
message over the network (see at least paragraphs (0045, 0058, 0059, 0088 )). 

As to claims 43-45, (Cancelled).

As to claim 47, Parekh disclose the system of claim 40 wherein contact identities 
of single users or devices may vary by communication mode as well as by zone (see at 
least paragraphs (0045, 0058, 0059, 0088)). 

As to claim 49, Parekh discloses the system of claim 40 wherein contact identities 
include both sender and recipients (see at least paragraphs (0045, 0058, 0059, 0088)). 

As to claim 50, Parekh discloses the system of claim 40 further comprising 
generated alerts from attempted policy violation (see at least paragraph (0045, 0058, 
0059)). 

As to claim 51, Parekh discloses the system of claim 41 wherein contact identity 
name may be in a form of a URI, an email address, a telephone number, a machine 
address, an IP address, or a text message (see at least paragraphs (0036, 0037)). 

As to claim 52, the combination of Parekh-Hasan disclose the system of claim 40 
wherein management policy includes automatic handling of incoming communication 
events, the handling determined by one or both of contact identity and mode of 
communication (see Parekh: paragraphs (0045, 0058, 0059) and Hasan: at least 
paragraphs (0148)). 

As to claim 53, Parekh discloses the system of claim 40 further comprising an 
interactive user interface for a user to create and populate zones, enter contact identities 
and create, edit, and associate policy (see at least paragraphs (0029, 0032, 0048)). 

As to claims 54-69, 73 and 74, (Cancelled). 

As to claims 71-72 and 75-76, 78, 79, 81 and 82, their claimed limitations are
same as previously addressed claims 41-42 and 47, 49-53 except being method claims
and therefore are rejected for the same rationale as 41-42, and 47, 49-53.

Claims 46, 48, 77 and 80 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Parekh-Smith-Hasan and further in view of Pounds et al. (hereinafter 
Pounds) (US Patent No. 6,560,222).

As to claim 46, Parekh discloses the system of claim 40 wherein messaging in 
multiple modes and protocols is supported, including but not limited to voice and text 
(see at least paragraphs (0045, 0058, 0088)) but fails to expressly disclose wherein 
messaging can be voice and text. In analogous teaching Pounds teaches: wherein messaging
can be voice and text (see Pounds: at least abstract, col. 5, lines 57-63; enabling voice, 
data, video, and other communications to occur in an efficient and integrated manner) for 
the motivation of allocating and utilizing available communications sources. 

As to claim 48, the combination of Parekh-Pounds disclose wherein the system of 
claim 46 wherein the multiple modes and protocols include email, instant messaging, 
RSS, voice mode, network-news transport protocol (NNTP), file transport protocol 
(FTP), really simple syndication (RSS), universal discovery-description and integration
(UDDI), lightweight directory-access protocol (LDAP), multipurpose internet mail
extensions (MIME), post office protocol (POP), simple mail transport protocol (SMTP),
Internet message access protocol (IMAP), session initiation protocol (SIP), text 
messaging services (TMS), and hypertext transport protocol (HTTP) (see at least Parekh: 
paragraphs (0045, 0058, 0059, 0088) and Pounds: col. 40, lines 1-34). 

As to claims 77 and 80, their claimed limitations are same as previously
addressed claims 46 and 48 except being method claims and therefore are rejected for the
same rationale.

Applicant's response:

The examiner is applying Parekh as follows: At each allegation by the examiner 
the applicant responds with his rebuttal. 



The examiner states: 

"As to claims 40 and 70, Parekh discloses a communication management system 
and method, comprising: a computer appliance associated with a particular user (see at 
least abstract, paragraph (0017) Fig. 2; ..." 



Applicant's rebuttal: 

The limitation to which Parekh is applied here is "...a computer appliance
associated with a particular user. . ." The abstract of Parekh recites: 



ABSTRACT 

The present invention provides a system, method and computer program product for 
managing customers in a hierarchical manner. The customer hierarchy comprises a root 
service provider (RSP), tiered service providers (TSPs) and end customers. The present 
invention enables the governing of the customers by a large service provider by providing 
an ability to make smaller service providers as customers and managing their resources. 
The smaller service provider, in turn, can have its own customers. The smaller service 
provider governs these customers without interference from the service providers above it 
in the hierarchy. The customers are governed by policies. A policy is a set of rules laid 
down by the service provider to control the customers. The present invention also enables 
the service provider to implement different policies on different customers and change 
the policy for a customer without affecting other customers. 

The applicant urges strongly that after reading this abstract several times, there is
absolutely nothing found in the abstract that teaches or infers a computer appliance
associated with a particular user.



Fig. 2 applied by the examiner for this limitation shows a block diagram of the 
Parekh system with a "user interface". A skilled person will infer that a "user interface"
is an interface to be used by any user of the system. There is no restriction in the diagram
to a particular user, that is, one person in particular. Further, paragraph 17 of Parekh is 
merely a short description of Fig. 2, and adds nothing that might come close to limiting 
the user interface of Parekh to a particular user. 

The fact of a particular user is important in the limitation, because the system of the 
invention allows that user to create zones defined by his or her business or social activity, and 
to create management policies associated with the zones. These zones and policies would not 
make sense over a plurality of users. The examiner has been a participant in at least two 
detailed conferences with the inventors and their representative, and has recently refused a 
third, and has to be aware of this limitation. 

Therefore the reference Parekh fails to teach or suggest the first limitation in claim 
40, a computer appliance associated with a particular user. 

Another very serious problem with the reference Parekh is that claims 40 and 70 are 
limited to "communications", and recite a firewall through which incoming and outgoing 
communications pass. As is abundantly clear considering claim 46, which recites: 

"46. (Previously presented) The system of claim 40 wherein messaging in multiple modes 
and protocols is supported, including but not limited to voice and text." 

. . .that the communications are messages. The examiner, after four years in prosecution of 
this case, comprising eight actions and seven responses, is trying to stretch the
"communications" limitation, which are clearly messaging, to simple transmission of data as 
taught in Parekh. Parekh does not teach or suggest management of messages as 
communications, and the examiner must be fully aware of this fact. In further support of this 
failure of the reference Parekh, the examiner applies Parekh in rejecting claim 46 as follows: 

"As to claim 46, Parekh discloses the system of claim 40 wherein messaging in multiple 
modes and protocols is supported, including but not limited to voice and text (see at least 
paragraphs (0045, 0058, 0088))." 

The applicant reproduces here the applied paragraphs of Parekh:



"[0045] An alarm manager 236 receives alarms from policy enforcement device 202. 
Alarm manager 236 stores the alarm in database 204, processes the alarm for monitoring 
purposes and then passes it to customer visibility filter 234. Customer visibility filter 234 
figures out which customer the alarm belongs to and then sends the alarm to the customer 
and its immediate service provider." 

Quite clearly paragraph 45 of Parekh has nothing whatever to do with the 
limitation to which it is applied, that is, messaging in multiple modes and protocols. 

[0058] FIGS. 4a and 4b show tables depicting the policies enforced in a hierarchical 
manner. Table 1 shows the rules created by RSP 102 for EC 1 108 and table 2 shows the 
rules for EC 1 108. Rows of the tables represent rules and the columns represent 
information relating to the rules. The "source" and "destination" columns of tables 1 and 
2 denote the source and destination Internet Protocol (IP) addresses relating to the 
network traffic. The "application" column denotes the type of application, the "direction" 
column denotes the direction of network traffic flow, and the "time" column denotes the 
time for which the rule is applicable. The "FW action" column denotes the firewall action
relating to the rule and the "inherited from" column denotes the service provider from 
which the rule has been inherited. In table 2, rules 3 and 4 are the rules added by EC 1 108 
to the rules made by RSP 102. Rule 1 will not be effective as it contradicts with the rule 1 
given by RSP 102 and is a lower priority rule. Rule 4 will become effective, as it does not 
conflict with any rules given by RSP 102 and hence network traffic on which this rule 
will be enforced will have rule 4 as the highest priority matched rule. 

Quite clearly paragraph 58 of Parekh has nothing whatever to do with the 
limitation to which it is applied, that is, messaging in multiple modes and protocols. 

[0088] A person skilled in the art can appreciate that it is not necessary that the various 
processing machines and/or storage elements be physically located in the same 
geographical location. The processing machines and/or storage elements may be located 
in geographically distinct locations and connected to each other to enable 
communication. Various communication technologies may be used to enable 
communication between the processing machines and/or storage elements. Such 
technologies include session of the processing machines and/or storage elements, in the 
form of a network. The network can be an intranet, an extranet, the Internet or any client 
server models that enable communication. Such communication technologies may use 
various protocols such as TCP/IP, UDP, ATM or OSI.

Quite clearly paragraph 88 of Parekh has nothing whatever to do with the
limitation to which it is applied, that is, messaging in multiple modes and protocols. 

The teachings of Parekh do not apply to the limitations to which they are applied 
for a good reason. That is that the reference Parekh is not a communication management 
system for managing messages, but a system for managing customers in a hierarchical 
manner. The skilled person would NOT turn to Parekh for teaching in any way how to 
manage communications by creating zones, associating contacts with zones, creating 
policies for individual zones, and enforcing the policies at a firewall. Parekh is 
completely foreign to the invention claimed, and does not qualify as a primary reference 
in a 103 combination rejecting claims 40 and 70 of the present invention. It seems the 
examiner has simply settled on Parekh because Parekh has a "policy enforcement 
device". 

The examiner states: 

"...a policy enforcement device (202); a data repository coupled to the computer 
appliance storing a directory of contact identities (see at least paragraph (0038), Fig. 2, 
database (204) which contains (customers, resources, policies));" 

Applicant's rebuttal: 

The claim has a distinct limitation: "a data repository coupled to the computer 
appliance storing a directory of contact identities. . .". The examiner applies database 
204, which contains customers, resources, and policies. Unfortunately for the rejection, 
customers, resources and policies are not contact identities. Contact identities, as the 
examiner must know, are the identities of persons to whom a particular person (that 
person uniquely associated to the computer) is connected in a communication message-managing
system. These are such as contacts in an email client, contacts in SKYPE, and
so forth. It is recognized in the Office that the claims are to be interpreted in light of the 
disclosure. The examiner has had this disclosure through eight actions, and has 
participated in two conferences with the inventors and their representative, and must be 
aware of the meaning of contact identities in the claims. Database 204 of Parekh does
not read on this limitation, again for the rather simple reason that Parekh does not 
describe a communication management system in any way as claimed. 

The examiner states: 

"...a zone manager (i.e. 212) (resource manager) (Fig. 2) enabling the user to 
create one or more zones defined each by a business or a social activity (see at least 
paragraph (009, 0032, 0034), Fig. 1, RSP (102) with sub customers TSP 1, TSP 2, EC1 
and TSP 1 with further branches etc.), ..." 

Applicant's rebuttal: 

Firstly the examiner has conveniently neglected to consider the entire claimed 
limitation, which recites: 

"a zone manager enabling the user to create one or more zones defined each by a 
business or a social activity, to associate specific contact identities with individual ones of the 
zones created, and to create management policies associated with and specific to each zone 
created;" The examiner neglects entirely to show any art for associating contact identities 
with individual ones of the zones created. 

Further, the zone manager recited in the claim enables the user to create the zones 
defined each by a business or social activity. The examiner applies Parekh paragraphs 009, 
032 and 034, and mentions Fig. 1, RSP (102) with sub customers TSP 1, TSP 2, EC1 and 
TSP 1 with further branches etc.). 

Paragraphs 009, 032 and 034 are reproduced below: 

[0009] The hierarchy is based on the agreement between the customers and the 
immediate service provider. A customer can join the RSP or a TSP as an end customer or 
a TSP. If the customer joins the hierarchy as a TSP, the customers can create further 
customers and do not need approval from any of the TSPs, which are above it in the 
customer hierarchy, or from the RSP as long as the TSP has resources. 

[0032] In a customer hierarchy that is arranged in the form of a tree, a customer at the 
root of the customer hierarchy is called an RSP. A customer at the end of a branch in the 
customer hierarchy is called an end customer (EC). A customer neither at the root of the
customer hierarchy nor at the end of a branch is called a TSP. An RSP can create zero 
or more TSPs and zero or more end customers under it. A TSP can also create zero or 
more TSPs and zero or more end customers under it. An end customer cannot create 
further customers. The RSP provides services to the TSPs and end customers that are its 
immediate customers. The TSPs under the RSP in turn provides services to their 
immediate customers. 

[0034] In a preferred embodiment of the present invention, a customer can join a place in 
the customer hierarchy based on an agreement with the immediate service provider. The 
immediate service provider can be an RSP or a TSP in the customer hierarchy. The 
customer can join as an end customer or a TSP. If the customer joins the hierarchy as a 
TSP, the customer can create further customers and need no approval from
TSPs above it in the customer hierarchy or the RSP as long as it has resources. 

The applicant is simply at a loss to understand what these paragraphs have to do 
in any way with a zone manager that enables a user to create message zones that are
defined by a business or a social activity. The examiner is quite clearly attempting to
equate either Parekh's "Customers" or Parekh's "Service Providers" with applicant's
recited zones. The two are not even similar, but, arguendo, even if they were, there is no
teaching in Parekh for a user to create the service providers or customers or to define them
with a business or social activity.

The zone manager limitation in applicant's claims is not taught in any way in 
reference Parekh. This deficiency alone is sufficient to render the 103 rejection faulty; 
but it is but one of many deficiencies in the rejection.



The examiner states: 

"...and to create management policies associated with and specific to each zone 
created (see at least paragraphs (0036, 0037), RSP and TSP then control their immediate 
customers by implementing policies and allocating resources to their immediate 
customers, further the attributes of the resources can be number of rules, the number of IP 
addresses and the bandwidth etc.); 

Applicant's rebuttal:

Parekh paragraphs 0036 and 0037 applied are reproduced below: 



[0036] The RSP or the TSPs control their immediate customers by implementing policies 
and allocating resources to their immediate customers. In a preferred embodiment of the 
present invention, the policies are based on the agreement between the RSP or the TSPs 
and their immediate customers. The RSP or the TSPs also manage the resources of their 
immediate customers. The resources encompass all the aspects that a service provider 
wants to control. These aspects are called the attributes of the resource. Exemplary 
attributes can be the number of rules, the number of IP addresses and the bandwidth. 

[0037] The policies in the customer hierarchy are implemented through a policy
enforcement device. FIG. 2 is a block diagram of the hierarchical service management 
system with a user interface and the policy enforcement device, the user interface and the 
policy enforcement device being controlled by the hierarchical service management 
system. 

The applicant urges that the references to managing resources of their immediate 
customers has clearly nothing at all to do with the claim language. It does appear that 
there are "policies" in Parekh based on agreements between RSPs and TSPs. But there is 
no teaching that a user of the management system is enabled to create these policies and 
associate them with and specific to each zone created. 



Applicant urges that the technology, the architecture and the purpose of applicant's 
claims and Parekh are so radically different that it is very difficult to guess what the examiner 
imagines are the applicable equivalents. 



The examiner states: 

"...and an identity/zone firewall acting as an enforcer of management policies 
and serving as a gateway at the computer appliance through which incoming and 
outgoing communications pass (see at least paragraph (0045, 0058, 0059), Figures 4a and 
4b, tables 1 and 2 and related details). 



Applicant's rebuttal: 

Parekh paragraphs 0045, 0058 and 0059 applied are reproduced below: 

[0045] An alarm manager 236 receives alarms from policy enforcement device 202.
Alarm manager 236 stores the alarm in database 204, processes the alarm for monitoring 
purposes and then passes it to customer visibility filter 234. Customer visibility filter 234 
figures out which customer the alarm belongs to and then sends the alarm to the customer 
and its immediate service provider. 

[0058] FIGS. 4a and 4b show tables depicting the policies enforced in a hierarchical 
manner. Table 1 shows the rules created by RSP 102 for EC 1 108 and table 2 shows the 
rules for EC 1 108. Rows of the tables represent rules and the columns represent 
information relating to the rules. The "source" and "destination" columns of tables 1 and 
2 denote the source and destination Internet Protocol (IP) addresses relating to the 
network traffic. The "application" column denotes the type of application, the "direction" 
column denotes the direction of network traffic flow, and the "time" column denotes the 
time for which the rule is applicable. The "FW action" column denotes the firewall action 
relating to the rule and the "inherited from" column denotes the service provider from 
which the rule has been inherited. In table 2, rules 3 and 4 are the rules added by EC 1 108 
to the rules made by RSP 102. Rule 1 will not be effective as it contradicts with the rule 1 
given by RSP 102 and is a lower priority rule. Rule 4 will become effective, as it does not 
conflict with any rules given by RSP 102 and hence network traffic on which this rule 
will be enforced will have rule 4 as the highest priority matched rule. 

[0059] To detect an alarming condition in the network, policy enforcement device 202
generates an alarm when the flow of network traffic matches a predefined rule. The alarm 
generation when the flow of network traffic matches a predefined rule can be used to 
detect situations like security breach in the system. FIG. 5 is a flowchart illustrating the 
functioning of an alarm when the flow of network traffic matches with a predefined rule. 

It is clear that there is a policy enforcement device 202 in Parekh, which acts to 
enforce policies by generating alarms and sending the alarms to various ones of the 
customers. This device, however, does not operate as a firewall at the user's computer 
through which incoming and outgoing communications pass. It is emphasized again that 
the examiner has erroneously equated "network traffic" in Parekh with "communications" 
in the claims, which are messages. 



The examiner states: 

"Although, Parekh discloses the substantial features of applicant's claimed 
invention, Parekh fails to expressly disclose: wherein creating one or more zones are 
defined by a business or a social activity; and associate specific contact identities with 
individual ones of the zones created. Nevertheless, these features were well known in the
art at the time of present invention. 



Applicant's rebuttal: 

Factually, Parekh discloses close to nothing at all of the features of applicant's 
claimed invention. Parekh does NOT teach a communication management system which 
deals with communications as messages, as is clear from the wherein clause of claim 40 
and from claim 46, both of which make it abundantly clear that the communications 
managed are messages, not data streamed as in Parekh. It has to be understood in context 
that if the communications are associated at the firewall with a zone, according to a 
sender or receiver or message content, that the communications must be messages. 
Parekh does not manage messages. Further, Parekh does NOT store contact identities 
and associate them with zones created. Further, Parekh does NOT enable a user to create 
zones in the sense and context of a zone as clearly described in applicant's disclosure. 
About the only commonality of Parekh and applicant's claims is that Parekh teaches a 
policy enforcement device, albeit the policies enforced are not associated with zones that 
are defined according to business or social activity, nor is a user enabled to create the 
zones and policies and to associate them. 

The examiner states: 

"In analogous teaching, Smith exemplifies this wherein Smith teaches: creating 
one or more zones are defined by a business or a social activity; and associate specific 
contact identities with individual ones of the zones created (see Smith at least abstract,
Fig. 4, 5 and details; wherein an interactive collaborative information system creating and 
link information such as emails, bulletin boards, chats, politics, and other activities etc.). 

Thus given the teaching of Smith, it would have been obvious to the ordinarily-skill
person in the art of networking to combine the teaching of Parekh into Smith for
creating social or business zones. Motivation for doing so would have been to allow users 
to more easily find other users with the same interested." 

Applicant's rebuttal: 

Smith's Abstract is reproduced just below: 

"A context manager for providing a framework for enabling continuous customer access 
resource innovation by maximizing open business processes. The context manager allows 
multiple combinations of users to access various business processes through multiple 
types of customer access resources. The context manager includes a context manager 
management interface for creating a context manager object for a session, the context 
manager object providing a bridge from customer access resources to business processes 
and maintaining a context of the session across customer access resources." 

Firstly, in rebuttal, a careful reading of Smith's Abstract, applied by the examiner 
for the limitation of: "creating one or more zones are defined by a business or a social 
activity; and associate specific contact identities with individual ones of the zones 
created. . ." has no teaching whatever regarding enabling a specific user of a computer 
appliance to create one or more zones defined by a business or a social activity, or to 
associate specific contact identities with individual ones of the zones created. 

Applicant has studied Fig. 4, applied by the examiner for the same limitations, 
and has also studied all of the detail description of Fig. 4 in Smith, beginning at line 54 in 
col. 8, and proceeding to line 58 in col. 10, with this result. 

Firstly, it seems the examiner must be attempting to equate "resources" in Smith 
to applicant's zones. The resources in Smith are groups of agents in a contact center 
assigned to one or another resource by virtue of similar skill sets, so a calling party may 
be routed (or more specifically, the call may be routed) to a group (resource) wherein the 
agents are all qualified by skill to respond to the caller. Further the word "contact" in 
Smith has no similarity in meaning to "contact identity" in applicant's disclosure and 
claims. Smith refers to contacts as the fact of establishing a communication, that is, 
making "contact" (see Smith col. 5, l. 1-4; col. 5, l. 64-65; col. 6, l. 21-22, and l. 29-30; col. 
6, l. 42-44; and many, many more). The examiner has evidently been looking for words 
rather than meaning, or just has a profound misunderstanding of applicant's claimed 
invention and the meaning of the terms. 

So it seems in Smith that the resources are created by comparing agents' skill sets, 
while in applicant's claim the zones are created arbitrarily by the specific user according 
to a business activity or a social function. As an example, the user may have a business 
for which she may wish to create a communication zone, and to associate the contact 
identities of her business colleagues, employees, customers, and the like. She may also 
play goalie for the United States Women's World Cup Soccer Team, and she may wish to 
create a communication zone at her computer to which she can associate the contact 
identities of her coach, her fellow players, referees, the World Cup association, and the 
like. This is all very clear in applicant's disclosure, and has been discussed in detail in at 
least two conferences with the examiner, who must have missed the point. 

In any case, there is no similarity between Smith's resources and applicant's 
zones, and there is no association in Smith with a zone and a contact identity. Therefore, 
so far, in the 103 rejection applying Parekh in view of Smith and Hasan, Parekh is seen to 
teach none of the features of applicant's invention, and to be therefore inoperable as a 
primary reference in such a combination, and Smith has been shown to teach nothing of 
the limitation to which it is applied. 

The examiner states: 

"Although, Parekh-Smith discloses the substantial features of applicant's claimed 
invention, Parekh further fails to expressly disclose: wherein firewall acting as an 
enforcer of management policies and serving as a gateway is, at the computer appliance 
through which incoming and outgoing communications; and wherein individual incoming 
or outgoing communications are associated at the identity/zone firewall with a zone, by 
one or both of identities of sender and receiver and message content, and the management 
policies specific to that zone are enforced before the communications are allowed to pass. 

In analogous teaching, Hasan exemplifies this wherein Hasan teaches: wherein 
firewall acting as an enforcer of management policies and serving as a gateway is, at the 
computer appliance through which incoming and outgoing communications; and wherein 
individual incoming or outgoing communications are associated at the identity/zone 
firewall with a zone, by one or both of identities of sender and receiver and message 
content, and the management policies specific to that zone are enforced before the 
communications are allowed to pass (see Hasan: at least paragraphs (0086, 0103, 0129, 
0132, 0136), Figures 1 and 9B). 

Thus given the teaching of Hasan, it would have been obvious to one of the 
ordinary skill person in the art of networking to combine the teaching of Parekh-Smith 
into Hasan for firewall acting as a management policy enforcer. Motivation for doing so 
would have been to make user created zones more secure by having individual security 
parameters." 

Applicant's rebuttal: 

Firstly, the limitations to which Hasan is applied are reproduced just below: 

"... wherein individual incoming or outgoing communications are associated at the 
identity/zone firewall with a zone, by one or both of identities of sender and receiver and 
message content, and the management policies specific to that zone are enforced before 
the communications are allowed to pass." 

The paragraphs of Hasan applied by the examiner are reproduced below, each paragraph 
followed by the applicant's comments: 

[0086] The policy management application 252 enforces subscriber level access control 
policies to maintain the data integrity and validates policies installed. Before the rules are 
installed, they are checked for integrity and for any possible security holes in a rule base, 
as well as to determine whether there is any conflict in any of the other service 
application rules. The policy management application can retrieve rules on a subscriber 
basis. This application also handles definition of VPN policies and command line 
interface definitions of router configurations. 

There is some wording here about enforcing policies, but there is no mention of 
communications (messages) either incoming or outgoing, or that such messages may be 
associated at a firewall with a zone, nor how such association, if it were taught at all, 
might be made (upon what criteria). In applicant's claimed invention association of a 
message with a zone is made at the firewall, by the firewall, and the criteria for 
association are contact identities of sender or receiver, and message content. 

[0103] The policy configuration engine 276 uses a policy string or set of strings that 
mimics well-known or commercially utilized policies for services such as firewalls which 
are sent to the multifunction device for VPN and Firewall policies. The engine takes 
incoming configuration, parses it and hands it off to the IPC mechanism. The 
configuration request and parameters are then sent to the appropriate service (which will 
configure its individual parameters). 

There is some wording here about commercially utilized firewall policies. But 
there is no association with any zone by criteria of contact identity or message content. 
Also no teaching of policy enforcement after the zone is identified. 

[0129] In one embodiment, this is implemented using each content services application. 
The content services application for the VPN, for example, will search through rules to 
allow appropriate settings for protocols, such as IPSec and IKE, to pass through a firewall 
implementation, and change appropriate DNS settings, both of which are implemented by 
other systems to implement a VPN. Similarly, the VPN application may make changes to 
NAT settings implemented by the NAT service application 

There is some wording here about certain protocols being allowed to pass through 
a firewall, but again, the actual limitations of the claim are not a part of any consideration 
in applying this paragraph. 






[0132] For example, in order to implement services using the multifunction appliance, 
address objects and service objects are first defined, and these objects are used to 
configure the actual service functions of the multifunction device. As noted above, the 
service editor can be launched in one of three contexts: Administrator, Device or 
Subscriber. In one embodiment, the system is provided with a plurality of content 
services which can be performed by the multifunction device, including, for example, 
stateful firewall, virtual private networking, quality of service (bandwidth management), 
network address translation, web switching and secured sockets layer protocol. 

Nothing here that has any relationship to the actual limitations recited in the claim. 

[0136] Service objects represent individual services that make up content services used 
by subscribers. For example, a firewall will use any number of individual service objects 
to control access to a secured domain. The firewall may control access to individual ports 
of the domain for various services such as Telnet, SSL, SMTP, LDAP, IKE, etc. Each 
individual service has a service object defined for it. Each service object will include, for 
example, a name and definition, depending on the service provided. SSL, for example, 
requires port destinations for the source and destination ports. FTP, requires control and 
data port definitions, for example. Service objects provide the definitions required for 
each service to enable the multifunction appliance to perform the service. 

Ditto. No relationship to the actual limitations in the claim. 

So all that is taught by Hasan relative to the claim limitations is that there is a 
firewall. The applicant is not claiming just a firewall. The applicant is claiming a 
firewall with very specific functionality. Applicant's firewall, as claimed, operates at the 
computer uniquely associated with the specific user, associates each incoming and 
outgoing message at the specific user's computer with a zone, which has been created by 
the user defined as limited to a business or social activity. Each zone is associated with 
specific contact identities. The zone for an incoming or outgoing message is determined 
by the contact identities of either the sender or intended receiver of the message or by 
message content. Remember that each zone created has contact identities associated 
therewith. If one of the sender or receiver has a contact identity associated with a zone, 
then that's the zone for the message. If the content of the message aligns the message 
with a business or social activity, that determines the zone. 

Once the zone is determined in applicant's claimed invention (none of which is 
taught in any way in Hasan), then the policies created by the user for that zone are 
consulted and applied before the message is allowed to pass the firewall. 

None of the actual limitations of the claim to which the examiner applies the 
teaching of Hasan are actually taught or in any way suggested in Hasan. 

Therefore, claims 40 and 70 must be patentable over the 103 rejection over 
Parekh in view of Smith and Hasan. Every single application of art by the examiner has 
been shown to be inarguably faulty. Therefore dependent claims 41, 42, 46-53, 71, 72, 
and 75-82 are patentable either on their merits or as depending from a patentable claim. 

Conclusion 

Of great relevance here is whether a skilled person would find teaching in Parekh, 
along with perhaps "common knowledge in the art" to apply to solving the problem or 
unmet need identified in applicant's application, which would result in an invention 
having the limitations of claim 40 and 70 to which the examiner applies Parekh. 

It should be remembered by both practitioners and examiners that the starting 
point in a 103 consideration is the stated problem or need in the application. The skilled 
person who might create the instant invention does NOT have the applicant's claims or 
disclosure. He or she has a problem or unmet need. The next step is finding art that is 
applicable, and combining the teaching of the art to produce the invention. If the 
examiner starts with the exact claim limitations and looks for art that teaches said 
limitations, and then settles on the format of the rejection, which is what most examiners 
do, then the fault of hindsight is unavoidable. 

Applicant provides here a quotation from applicant's specification that deals with 
the need: 

"Therefore, what is clearly needed in the art is an enhanced identity oriented 
communication, collaboration, and enhanced digital collection platform that will manage 
content, contacts, and communication-based tasks according to preferred user 
environments, activities, and identities. A platform such as this will perform 
management duties in the background while the user can concentrate on immediate 
communication, collaboration, and collection activities. Such a platform will enrich 
interaction between users and other network-based entities without compromising user- 
pertinent information for un-solicited use by certain entities." 

Applicant urges strongly that there is so little applicability of the teaching of 
Parekh to applicant's need that it is quite clear that the skilled person would NOT turn to 
Parekh as presenting solutions to this need. Parekh does NOT teach an enhanced 
identity-oriented communication, collaboration, and enhanced digital collection platform 
that will manage content, contacts, and communication-based tasks according to 
preferred user environments, activities, and identities. Parekh teaches a hierarchical 
system for managing customers. So the skilled person would not turn to Parekh, and the 
rejection fails at the beginning. 

Still, it is inevitable that the search must be guided by the claim limitations, and 
the art found must be applied to the limitations to show that the limitations are either 
taught or at least suggested by the art. It has been abundantly shown that none of the 
references, not one, actually teach or suggest the limitations in claims 40 or 70. 

Summary 

As all of the claims, as amended and argued above, have been shown to be 
patentable over the art presented by the Examiner, applicant respectfully requests 
reconsideration and the case be passed quickly to issue. 

If any fees are due beyond fees paid with this amendment, authorization is made 
to deduct those fees from deposit account 50-0534. If any time extension is needed 
beyond any extension requested with this amendment, such extension is hereby 
requested. 